CVSS: 7.8EPSS: 1%CPEs: 15EXPL: 8CVE-2023-28252 – Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-28252
Windows Common Log File System Driver Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios de Windows Common Log File System Driver Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation. • https://github.com/duck-sec/CVE-2023-28252-Compiled-exe https://github.com/fortra/CVE-2023-28252 https://github.com/bkstephen/Compiled-PoC-Binary-For-CVE-2023-28252 https://github.com/Danasuley/CVE-2023-28252- https://github.com/Vulmatch/CVE-2023-28252 https://github.com/726232111/CVE-2023-28252 https://github.com/byt3n33dl3/CLFS http://packetstormsecurity.com/files/174668/Windows-Common-Log-File-System-Driver-clfs.sys-Privilege-Escalation.html https://msrc.microsoft.com/up • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.0EPSS: 0%CPEs: 15EXPL: 1CVE-2023-28218 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-28218
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability • https://github.com/h1bAna/CVE-2023-28218 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28218 • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 3CVE-2022-43293
https://notcve.org/view.php?id=CVE-2022-43293
Wacom Driver 6.3.46-1 for Windows was discovered to contain an arbitrary file write vulnerability via the component \Wacom\Wacom_Tablet.exe. • https://github.com/LucaBarile/CVE-2022-43293 https://cdn.wacom.com/u/productsupport/drivers/win/professional/releasenotes/Windows_6.4.2-1.html https://lucabarile.github.io/Blog/CVE-2022-43293/index.html https://lucabarile.github.io/Blog/blog.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.3EPSS: 0%CPEs: 3EXPL: 3CVE-2022-38604
https://notcve.org/view.php?id=CVE-2022-38604
Wacom Driver 6.3.46-1 for Windows and lower was discovered to contain an arbitrary file deletion vulnerability. • https://github.com/LucaBarile/CVE-2022-38604 https://lucabarile.github.io/Blog/CVE-2022-38604/index.html https://lucabarile.github.io/Blog/blog.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 1CVE-2023-23388 – Windows Bluetooth Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-23388
Windows Bluetooth Driver Elevation of Privilege Vulnerability • https://github.com/ynwarcs/CVE-2023-23388 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23388 • CWE-681: Incorrect Conversion between Numeric Types •